Security

Temporal Correlations Between Spam and Phishing Websites

Download Now Free registration required

Executive Summary

To implement a phishing scam, attackers must create a fake website and send spam to attract visitors. To date, empirical research into phishing's impact has studied either the spam being sent or the website lifetimes. This paper examines both phishing websites and the associated spam to gauge the overall effectiveness of phishing attack and defense. They find that while the bulk of spam is sent around the time of the website's first appearance, spam continues to be sent for many longer lived websites until they are finally removed. They also find that attackers using 'Fast-flux' techniques are savvier than ordinary attackers, sending out more spam prior to detection and stopping faster once the websites are taken down.

  • Format: PDF
  • Size: 196.5 KB